Simplify Workload Isolation and Compliance

Use Isolation Segments to easily isolate apps and their data from other workloads in Pivotal Platform. Configure Isolation Segments using the familiar Cloud Foundry CLI. Setup compute isolation and routing isolation as needed.

Control Where Applications Run with Compute Isolation

Use Isolation Segments to run apps on compute resources isolated from other resources via network partition or firewall.

Manage Application Traffic with Routing Isolation

With Isolation Segments, operators can guarantee that application traffic will traverse a dedicated network path isolated from other paths.

Achieve Isolation within a Single Pivotal Platform Foundation

Achieve isolation and compliance objectives using the Isolation Segments tile in a single foundation. Familiar CLI commands simplify day-to-day operation.

Isolation segments provide dedicated pools of resources where you can deploy apps and isolate workloads. Use isolation segments to separate app resources as completely as if they were in different Pivotal Platform deployments—while avoiding redundant management and network complexity.

Come funziona

To enable isolation segments, an operator must install the Pivotal Platform Isolation Segment tile by performing the procedures in the Installing Pivotal Platform Isolation Segment topic. Installing the tile creates a single isolation segment.

After an admin creates a new isolation segment, the admin can then create and manage relationships between the orgs and spaces of a Cloud Foundry deployment and the new isolation segment.

To manage the isolation segment, an operator uses cf CLI commands.

Operators can perform the following operations on isolation segments:

Create/list/delete isolation segments

Enable/disable and display enabled isolation segments for an org

Set the default isolation segment for an org

Assign an isolation segment to a space and show the isolation segment assigned to a space

Reset the isolation segment assignment for a space

Use isolation segments in conjunction with infrastructure-level isolation features for comprehensive separation of applications.